Fix htmlspecialchars for search (#8306)

Regression from https://github.com/FreshRSS/FreshRSS/pull/8293
Alexandre Alapetite
2025-12-11 18:18:22 +01:00
committed by GitHub
parent 394411677e
commit 044f066c1c
2 changed files with 2 additions and 2 deletions


@@ -106,7 +106,7 @@ class FreshRSS_index_Controller extends FreshRSS_ActionController {
$title = FreshRSS_Context::$name;
$search = FreshRSS_Context::$search->__toString();
if ($search !== '') {
$title = '“' . $search . '”';
$title = '“' . htmlspecialchars($search, ENT_COMPAT, 'UTF-8') . '”';
}
if (FreshRSS_Context::$get_unread > 0) {
$title = '(' . FreshRSS_Context::$get_unread . ') ' . $title;
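Review bot: After the new `htmlspecialchars()` call, `$title` combines an HTML-escaped search string with `FreshRSS_Context::$name` and the unread count, and nothing in the hunk records which encoding state the variable is in. If the view that prints the title escapes it again, the search text would be double-encoded; whether `$name` is already escaped cannot be told from these lines. I would add a comment above the assignment, for example `// $title holds HTML-escaped text from here on; the view must print it without escaping again`, once the output site is confirmed. The enclosing method starts and ends outside the hunk, so that site is not visible here.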


@@ -40,7 +40,7 @@
<?php } ?>
<div class="stick">
<input type="search" name="search" id="search"
value="<?= FreshRSS_Context::$search->__toString() ?>"
value="<?= htmlspecialchars(FreshRSS_Context::$search->__toString(), ENT_COMPAT, 'UTF-8') ?>"
placeholder="<?= _t('gen.menu.search') ?>" />
<button class="btn" type="submit"><?= _i('search') ?></button>
</div>
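Review bot: The escaping added on the `value` attribute is sufficient only while that attribute stays double-quoted, because `ENT_COMPAT` leaves single quotes unescaped. Using `ENT_QUOTES` would keep the output safe regardless of the quote style a later template edit picks: `value="<?= htmlspecialchars(FreshRSS_Context::$search->__toString(), ENT_QUOTES, 'UTF-8') ?>"`. Since the commit message describes this as a regression in what `__toString()` returns, it is probably worth checking the other places that echo `FreshRSS_Context::$search->__toString()` into HTML; none of them are visible on this page.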